About “IL:Trojan.MSILZilla.12712” infection

The IL:Trojan.MSILZilla.12712 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What IL:Trojan.MSILZilla.12712 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine IL:Trojan.MSILZilla.12712?


File Info:
name: F09D1D40D778253EE436.mlw
path: /opt/CAPEv2/storage/binaries/8202702ba3fc88caed991c13532517dac058b7fdc974ff0f0f7d6974458b41bc
crc32: 222BEDE4
md5: f09d1d40d778253ee43688750af71c8b
sha1: b7ef42db826fe5542800626325a831898e84a850
sha256: 8202702ba3fc88caed991c13532517dac058b7fdc974ff0f0f7d6974458b41bc
sha512: 15ca0ec6c5467c11717c066effa7fc56d651d0c4559535227bb4ac2fee7c84cb02aac0789fb6f296ce8e25aabf16a3c4a0108020a459082de118edb60f62173f
ssdeep: 384:IL31OdbdFrKeqhJYebo7aX5tKpkpspFpEppCp5p9ptYcFwVc03K:IL3KdxKeYmebYy5trgtYcFwVc6K
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1C5620921F6A40322DA7D12B958F35709E331A5A309A2CF5A3DCC52563F632EE52533E7
sha3_384: 1a42a789be475e635961ac887243cec596b9977ac37ae652503b1c8db4715151f864c2dc7d3f8259011352122a43f48d
ep_bytes: ff250020400000000000000000000000
timestamp: 2047-02-26 19:58:03

Version Info:
Translation: 0x0000 0x04b0
Comments: BlueBerry Spoofer
CompanyName: BlueBerry Spoofer
FileDescription: BlueBerry Spoofer
FileVersion: 2.0.0.0
InternalName: BlueBerry MrB.exe
LegalCopyright: Copyright ©  2023
LegalTrademarks: BlueBerry Spoofer
OriginalFilename: BlueBerry MrB.exe
ProductName: BlueBerry Spoofer
ProductVersion: 2.0.0.0
Assembly Version: 2.0.0.0

IL:Trojan.MSILZilla.12712 also known as:

Lionic	Trojan.Win32.Zilla.4!c
Elastic	malicious (high confidence)
FireEye	Generic.mg.f09d1d40d778253e
CAT-QuickHeal	Trojan.YakbeexMSIL.ZZ4
ALYac	IL:Trojan.MSILZilla.12712
K7AntiVirus	Trojan ( 0058bd481 )
Alibaba	Packed:MSIL/MindLated.101351c0
K7GW	Trojan ( 0058bd481 )
CrowdStrike	win/malicious_confidence_60% (W)
ESET-NOD32	a variant of MSIL/Packed.MindLated.A suspicious
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan-PSW.Win32.Disco.kpl
BitDefender	IL:Trojan.MSILZilla.12712
MicroWorld-eScan	IL:Trojan.MSILZilla.12712
Avast	Win32:PWSX-gen [Trj]
Emsisoft	IL:Trojan.MSILZilla.12712 (B)
McAfee-GW-Edition	Artemis!Trojan
Microsoft	Trojan:Win32/Sabsik.TE.B!ml
ZoneAlarm	Trojan-PSW.Win32.Disco.kpl
GData	IL:Trojan.MSILZilla.12712
AhnLab-V3	Trojan/Win.PWS-Banker.C4865737
BitDefenderTheta	Gen:NN.ZemsilCO.34182.am0@aK55iki
MAX	malware (ai score=85)
TrendMicro-HouseCall	TROJ_GEN.R002H09B322
Rising	Trojan.Generic/MSIL@AI.96 (RDM.MSIL:Nf1yWgtYGwtSFLthDEf/Fg)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/Application
AVG	Win32:PWSX-gen [Trj]
Panda	Trj/GdSda.A

How to remove IL:Trojan.MSILZilla.12712?

IL:Trojan.MSILZilla.12712 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X